Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
A four-star hotel in the U.S. has discovered a data breach that may have compromised an undisclosed number of guests’ credit card information.
The Galt House Hotel, located in the state of Kentucky, discovered malicious software stealing information from a “payment card processing system” where credit card information is stored for payment purposes.
An internal investigation discovered the malware, and it’s believed that guests who used their credit cards to pay for visits between 21st December 2016 and 11th April 2017 may be affected.
The hotel has not disclosed how many guests stayed with them or used their credit cards in the hotel during the three-and-a-half month period where the breach is thought to have happened. According to reports, the malicious software was programmed to infiltrate the payment card processing system and copy all the credit information it could find.
It’s suspected that the following information was stolen by the malware:
With this much information, credit card holders are potentially at a huge risk of unauthorised banking activity, financial fraud, and even being contacted by data criminals who impersonate service providers to obtain even more information or defraud victims of money.
The hotel has apparently “resolved the issue” and is taking steps to patch up and increase security measures.
Still, a data breach like this one cannot always be simply “resolved”. An organisation can identify the malware, remove it, and put in new and improved security, but the damage is done and it may be much harder to repair. The impact of a data breach can mean no tangible end – those whose data has been stolen could at any point fall victim to some sort of scam.
For this data breach, the credit card owners may never know just how many people have had access to their information; if they still have it; what they have done with it; and what they may do with it in the future.
As long as that information remains valid, the data owners may be at risk of unauthorised financial activity.
Even when the information is no longer valid – e.g. the credit card owner closes down their bank account – cybercriminals may contact the individual, pretending to be, perhaps, an internet provider. They may say that payments aren’t coming through and convince the individual to go through their new credit details to ensure they still get access to some form of service. The fraudsters can be quite convincing and may try several ways of trying to steal victims’ money.
The Galt House Hotel’s data breach is reminiscent of InterContinental Hotels Group’s (IHG) own data breach earlier this year. Even though the IHG is a multinational corporation, the source of their data breach was also though malware on payment card systems.
Back in April 2016, the Trump Hotel Collection reportedly suffered a data breach twice in one year. Reports revealed that the point-of-sale systems were infected with malware.
This pattern is not a coincidence. Hotels, restaurants and retailers who use point-of-sale systems or other payment card systems need to recognise the vulnerabilities.
In a society where bank transactions are so easy and convenient, the machines and systems processing these payments cannot be simply installed and expected to provide adequate security as they are. Today, there are many ways the scammers can use to penetrate systems of all kinds. Cybersecurity needs to always be a priority.
The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.